It’s infuriating to create a “strong password” with letters, numbers, upper and lowercase, symbols, and non-repeating text… but it has to be only 8 to 16 characters long.
That’s not a “strong” password, random characters or not.
Is there a limitation that somehow prevents these sites from allowing more than 16 characters?
I’m talking government websites, not just forums. It seems crazy to me.
There was one point in time when Intel’s website only allowed up to 14 characters and disallowed certain special characters. If I had to guess why, fear of inadequate error checking and fear of sql injection.